提交 f6e80a71 编写于 作者: S Stefan Berger 提交者: Stefan Berger

Extend rule priorities into negative numbers

So far rules' priorities have only been valid in the range [0,1000].
Now I am extending their priority into the range [-1000, 1000] for subsequently
being able to sort rules and the access of (jumps into) chains following
priorities.
Signed-off-by: NStefan Berger <stefanb@linux.vnet.ibm.com>
上级 ea7c73a7
...@@ -1897,7 +1897,7 @@ virNWFilterRuleParse(xmlNodePtr node) ...@@ -1897,7 +1897,7 @@ virNWFilterRuleParse(xmlNodePtr node)
char *statematch; char *statematch;
int found; int found;
int found_i = 0; int found_i = 0;
unsigned int priority; int priority;
xmlNodePtr cur; xmlNodePtr cur;
virNWFilterRuleDefPtr ret; virNWFilterRuleDefPtr ret;
...@@ -1943,8 +1943,9 @@ virNWFilterRuleParse(xmlNodePtr node) ...@@ -1943,8 +1943,9 @@ virNWFilterRuleParse(xmlNodePtr node)
ret->priority = MAX_RULE_PRIORITY / 2; ret->priority = MAX_RULE_PRIORITY / 2;
if (prio) { if (prio) {
if (virStrToLong_ui(prio, NULL, 10, &priority) >= 0) { if (virStrToLong_i(prio, NULL, 10, &priority) >= 0) {
if (priority <= MAX_RULE_PRIORITY) if (priority <= MAX_RULE_PRIORITY &&
priority >= MIN_RULE_PRIORITY)
ret->priority = priority; ret->priority = priority;
} }
} }
......
...@@ -357,7 +357,7 @@ enum virNWFilterEbtablesTableType { ...@@ -357,7 +357,7 @@ enum virNWFilterEbtablesTableType {
}; };
# define MIN_RULE_PRIORITY 0 # define MIN_RULE_PRIORITY -1000
# define MAX_RULE_PRIORITY 1000 # define MAX_RULE_PRIORITY 1000
# define NWFILTER_MIN_FILTER_PRIORITY -1000 # define NWFILTER_MIN_FILTER_PRIORITY -1000
...@@ -389,10 +389,12 @@ enum virNWFilterRuleFlags { ...@@ -389,10 +389,12 @@ enum virNWFilterRuleFlags {
void virNWFilterPrintStateMatchFlags(virBufferPtr buf, const char *prefix, void virNWFilterPrintStateMatchFlags(virBufferPtr buf, const char *prefix,
int32_t flags, bool disp_none); int32_t flags, bool disp_none);
typedef int32_t virNWFilterRulePriority;
typedef struct _virNWFilterRuleDef virNWFilterRuleDef; typedef struct _virNWFilterRuleDef virNWFilterRuleDef;
typedef virNWFilterRuleDef *virNWFilterRuleDefPtr; typedef virNWFilterRuleDef *virNWFilterRuleDefPtr;
struct _virNWFilterRuleDef { struct _virNWFilterRuleDef {
unsigned int priority; virNWFilterRulePriority priority;
enum virNWFilterRuleFlags flags; enum virNWFilterRuleFlags flags;
int action; /*enum virNWFilterRuleActionType*/ int action; /*enum virNWFilterRuleActionType*/
int tt; /*enum virNWFilterRuleDirectionType*/ int tt; /*enum virNWFilterRuleDirectionType*/
......
...@@ -388,7 +388,7 @@ ebiptablesAddRuleInst(virNWFilterRuleInstPtr res, ...@@ -388,7 +388,7 @@ ebiptablesAddRuleInst(virNWFilterRuleInstPtr res,
const char *neededChain, const char *neededChain,
virNWFilterChainPriority chainPriority, virNWFilterChainPriority chainPriority,
char chainprefix, char chainprefix,
unsigned int priority, virNWFilterRulePriority priority,
enum RuleType ruleType) enum RuleType ruleType)
{ {
ebiptablesRuleInstPtr inst; ebiptablesRuleInstPtr inst;
......
...@@ -38,7 +38,7 @@ struct _ebiptablesRuleInst { ...@@ -38,7 +38,7 @@ struct _ebiptablesRuleInst {
const char *neededProtocolChain; const char *neededProtocolChain;
virNWFilterChainPriority chainPriority; virNWFilterChainPriority chainPriority;
char chainprefix; /* I for incoming, O for outgoing */ char chainprefix; /* I for incoming, O for outgoing */
unsigned int priority; virNWFilterRulePriority priority;
enum RuleType ruleType; enum RuleType ruleType;
}; };
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册